﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data;
using System.Data.SqlClient;

namespace carsitem.login
{
    public class LoginValidation
    {
        public static string ConnString = "Data Source=季白\\MSSQLSERVER04;Initial Catalog=SellCars;Integrated Security=True";
        public static SqlConnection conn;
        public static SqlCommand command;

        public static bool CheckLogin(string EmployeeName, string PassWord, string Department)
        {
            //将传入的2个参数，通过SQL语句，执行
            //ADO.NET断开式访问——查询，返回首行首列
            //1.创建连接对象
            SqlParameter para1 = new SqlParameter("@userID", EmployeeName);
            SqlParameter para2 = new SqlParameter("@password", PassWord);
            SqlParameter para3 = new SqlParameter("@password", Department);
            command.Parameters.Add(EmployeeName);
            command.Parameters.Add(PassWord);
            command.Parameters.Add(Department);
            conn = new SqlConnection("Data Source=.;Initial Catalog=SellCars;Integrated Security=True");
            //打开连接
            if (conn.State == ConnectionState.Closed)
            {
                conn.Open();
            }

            //2.创建command对象
            string sql = string.Format(@"select count(*) from Employee where EmployeeName = '{0}' and[PassWord] = '{1}'" + "select DepartID from Department where DepartName='{2}'", para1, para2, para3);
            command = new SqlCommand(sql, conn);
            //3.执行SQL语句：使用command对象执行语句

            int count = Convert.ToInt32(command.ExecuteScalar());
            //4.判断，返回结果值
            if (count > 0)
            {
                return true;//说明账号密码存在，验证成功
            }
            else
            {
                return false;//说明账号密码不存在，验证失败
            }
        }
    }
}
